Caddy 2.4.6 - Open Redirect

Reported 05 Jul 2026 03:01:21 by ProjectDiscovery. Type: nuclei. Source: github.com.

Caddy 2.4.6 has an open redirect vulnerability that allows an attacker to redirect a user to a malicious site, leading to potential phishing attacks and credential theft.

Related

Family                Title                                        Published           Reporter
Circl                 CVE-2022-28923                               7 Feb 2023 02:28    circl
CNNVD                 Caddy input validation error vulnerability   6 Feb 2023 00:00    cnnvd
CVE                   CVE-2022-28923                               6 Feb 2023 00:00    cve
Cvelist               CVE-2022-28923                               6 Feb 2023 00:00    cvelist
Debian CVE            CVE-2022-28923                               6 Feb 2023 00:00    debiancve
Github Security Blog  Open Redirect in Caddy                       7 Feb 2023 00:30    github
NVD                   CVE-2022-28923                               6 Feb 2023 23:15    nvd
OSV                   CGA-7C9G-X4F4-FPC8                           6 Jun 2024 12:23    osv
OSV                   CGA-CJHP-29GH-4WW9                           6 Jun 2024 12:25    osv
OSV                   CGA-Q9Q7-J2HP-96G2                           29 Jan 2026 00:48   osv

Code

id: CVE-2022-28923

info:
  name: Caddy 2.4.6 - Open Redirect
  author: Sascha Brendel,DhiyaneshDk
  severity: medium
  description: |
    Caddy 2.4.6 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site via a crafted URL and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
  impact: |
    Successful exploitation of this vulnerability could lead to phishing attacks and credential theft.
  remediation: |
    Upgrade Caddy to version 2.4.7 or later to mitigate the vulnerability.
  reference:
    - https://lednerb.de/en/publications/responsible-disclosure/caddy-open-redirect-vulnerability/
    - https://www.cve.org/CVERecord?id=CVE-2022-28923
    - https://github.com/caddyserver/caddy/issues/4502
    - https://nvd.nist.gov/vuln/detail/CVE-2022-28923
    - https://github.com/ARPSyndicate/cvemon
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2022-28923
    cwe-id: CWE-601
    epss-score: 0.01431
    epss-percentile: 0.698
    cpe: cpe:2.3:a:caddyserver:caddy:2.4.6:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: caddyserver
    product: caddy
    shodan-query:
      - 'Server: caddy'
      - "server: caddy"
  tags: cve,cve2022,redirect,caddy,webserver,caddyserver,vuln

http:
  - method: GET
    path:
      - '{{BaseURL}}/%5C%5Cinteract.sh/%252e%252e%252f'

    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1
# digest: 4a0a00473045022100a4d54c44aaaea0a0bce94c38343c0763f28d6f1f29cb55177ac679c1fc23e4580220083128257665be14f936141f5f989c445affb67a15b9923df3970244fcb43a39:922c64590222798bb761d5b6d8e72950
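To see which redirect responses the template's matcher actually flags, here is an added Python example (not part of the nuclei template or the Vulners page) that runs the Location-header regex from the template above over a handful of constructed sample responses, including the backslash variant and a host that merely starts with the canary string.

```python
import re

# Location-header matcher copied from the nuclei template above. The RE2 syntax
# nuclei uses is also valid for Python's re module; raw strings keep the
# escaped backslashes intact.
LOCATION_MATCHER = re.compile(
    r'(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)'
    r'(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'
)


def template_matches(raw_headers: str) -> bool:
    """True when a raw response header block satisfies the template's matcher.

    nuclei applies the regex to the whole header block ("part: header"), so a
    multi-line search over the raw text mirrors what the template does.
    """
    return LOCATION_MATCHER.search(raw_headers) is not None


# Constructed sample responses (not captured from a real server): what a server
# might answer to the template's probe request.
SAMPLE_RESPONSES = {
    # Scheme-relative redirect to the canary host: flagged.
    "scheme_relative": "HTTP/1.1 308 Permanent Redirect\r\n"
                       "Server: Caddy\r\n"
                       "Location: //interact.sh/%2e%2e%2f\r\n\r\n",
    # Same redirect written with backslashes: flagged by the \/\\\\ alternative.
    "backslash": "HTTP/1.1 308 Permanent Redirect\r\n"
                 "Server: Caddy\r\n"
                 "Location: /\\\\interact.sh/\r\n\r\n",
    # Redirect stays on the same origin (single leading slash): not flagged.
    "same_origin": "HTTP/1.1 308 Permanent Redirect\r\n"
                   "Server: Caddy\r\n"
                   "Location: /interact.sh/%2e%2e%2f\r\n\r\n",
    # Canary string is only a prefix of a longer host: the [^.] guard rejects it.
    "other_host": "HTTP/1.1 302 Found\r\n"
                  "Location: //interact.sh.example.test/\r\n\r\n",
    # No redirect at all: not flagged.
    "not_found": "HTTP/1.1 404 Not Found\r\nServer: Caddy\r\n\r\n",
}


def classify_samples() -> dict:
    """Map each sample name to whether the template's matcher fires on it."""
    return {name: template_matches(hdrs) for name, hdrs in SAMPLE_RESPONSES.items()}


if __name__ == "__main__":
    for name, flagged in classify_samples().items():
        print(f"{name:16s} -> {'flagged' if flagged else 'clean'}")
```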


Scores (current as of 04 Feb 2026 07:00)
Vulners AI Score: 6.7 (medium risk)
CVSS 3.1: 6.1
EPSS: 0.01431
SSVC